In total, he sought communications about 16 organizations, including #Harvard’s Berkman Klein Center & DHS’s’s #Cybersecurity & Infrastructure #Security Agency (#CISA), as well as…about 39 individuals.
Notably, this includes several #journalists: In addition to #Bellingcat & #AnneApplebaum, the document also asks for communications w/ #NBCNews senior reporter #BrandyZadrozny.
Samsung's clipboard #security flaw exposes all copied content, including passwords, as plain text indefinitely.
Users are advised to avoid using the clipboard for sensitive #information until a fix is implemented.
#Samsung moderators acknowledge the issue and are considering enhancements for future updates.
For now, consider using #passkeys for secure authentication.
Stay vigilant.
For several people who received or saw the document, the broad requests for unredacted information felt like a “witch hunt,”…one that could put the #privacy & #security of numerous individuals & organizations at risk.
Beattie, whom #Trump appointed in Feb to be the acting undersecretary for #public #diplomacy, told #State Dept ofcls that his goal…was a “#TwitterFiles” like release of internal State Dept documents “to rebuild trust with the American public”….
DATE: May 02, 2025 at 04:30PM
SOURCE: HEALTHCARE INFO SECURITY
Direct article link at end of text block below.
Lessons Learned from the #Blackbaud Hack and Legal Fallout https://t.co/u3cHdYVd7o
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
DATE: May 02, 2025 at 04:17PM
SOURCE: HEALTHCARE INFO SECURITY
Direct article link at end of text block below.
#WhiteHouse Proposes $500 Million Cut to @CISAgov https://t.co/1KXTTLbZe3
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
What, if any, is the harm mitigation path for iOS users that suspect their device has been compromised by a zero tap RCE?
I wanted to create a VLAN to keep my Mastodon server separate from my LAN. Two days later, I now have 8 VLANs. I think I have a problem.
Good day, it's a new month and we're supporting a new Domestic Violence family with groceries and a few bills this month. I'm collecting more refurbished devices as well. If you'd like to support this on-going work https://ko-fi.com/lockdownyourlife We are 20% toward the goal (I added mine in too). 
You know we know how to avoid mistakes like this, right?
#security #vilecoding #software
https://krebsonsecurity.com/2025/05/xai-dev-leaks-api-key-for-private-spacex-tesla-llms/
Hundreds of thousands of Computers won't be able to upgrade to Windows 11, but that shouldn't make them eWaste.
Kudos to the @kde team for this amazing initiative!
Betrüger senden E-Mails im Namen der Steuerverwaltung
Das saarländische Finanzministerium warnt vor falschen E-Mails im Namen des Steuerzentralamts. Betrüger fordern Bürgern zur Zahlung von Mahngebühren auf.
Windows-Log-in über RDP mit widerrufenen Passwörten möglich
Ein Sicherheitsalbtraum: Angreifer können sich mit alten, widerrufenen Passwörtern anmelden. Änderungen plant Microsoft nicht.
DATE: May 02, 2025 at 08:22AM
SOURCE: HEALTHCARE INFO SECURITY
Direct article link at end of text block below.
What types of third-party vendors are most vulnerable to falling victim to major #health data hacks? https://t.co/parRr2ffP5
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.
-------------------------------------------------
#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering
"I have yet to meet an admin who plausibly claims to never have been tripped up by their overload rules at some point."
More, and a walk down memory lane, in "The Hail Mary Cloud And The Lessons Learned" https://nxdomain.no/~peter/hailmary_lessons_learned.html
#ssh #passwords #bruteforce #passwordgroping #cybercrime #openbsd #pf #packetfilter #security #guessablepasswords #hailmary #hailmarycloud
PSA: The Tor Browser Security Level slider cannot be relied upon without a full browser restart (per an anonymous community report and confirmed by Privacy Guides staff) - Make sure you are aware of this if you rely on this feature for your safety.
https://www.privacyguides.org/articles/2025/05/02/tor-security-slider-flaw/
Tor Browser opsec discovery: The security level slider cannot be relied upon without a full browser restart: https://www.privacyguides.org/articles/2025/05/02/tor-security-slider-flaw/
If you frequently switch between security levels in Tor Browser (or Mullvad Browser!), make sure you are fully restarting the browser every time, otherwise you could still unexpectedly have dangerous JS features enabled!
This requirement is not publicly documented anywhere. Hopefully @torproject will add a prompt to restart after modifying this setting in a future Tor Browser release.
Interesting Git repos of the week:
Strategy:
* https://github.com/TalEliyahu/awesome-CISO-maturity-models - modelling your strategy
Detection:
* https://github.com/yevh/TaaC-AI - threat modelling as code
* https://github.com/thalesgroup-cert/Watcher - build your own threat hunting platform with Thales
* https://github.com/microsoft/msticpy - Microsoft's TI tooling
Exploitation:
* https://github.com/specfy/stack-analyser - what's in the stack?
Hardening:
* https://github.com/nistorj/ISR1000 - guestshell on the ISR1000
Scammers Use Spain-Portugal Blackout for TAP Air Refund Phishing Scam – Source:hackread.com https://ciso2ciso.com/scammers-use-spain-portugal-blackout-for-tap-air-refund-phishing-scam-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #ScamsandFraud #PhishingScam #CyberAttack #Hackread #Phishing #Portugal #security #europe #TAPAir #Fraud #Spain #Scam
Once #DOGE employees (i.e. Musk's henchmen) gained access to the US government IT systems, login attempts with the correct credential and password combination were made from #Russia within 15 min.
At this point we should assume that all US government information systems have been compromised. It would be extremely foolish for any governments to share intelligence with the USA.
x8 
